Dragonfly CMS logo Server sponsored and hosted by
DedicatedNOW
CVS logo  
.:: Home :: Dev. Resources :: Forums ::.
Dragonfly CMS CVS Repository
 Location: / cvs / html / includes / cmsinit.inc
This is a web interface to the Dragonfly CMS CVS tree. You can browse the file hierarchy by picking directories. If you pick a file, you will see the revision history for that file.
Selecting a revision number will show that revision of the file. There are links at each revision to display diffs, annotate and download.
Note: Info about CVS and our commits can be found at our CVS Info Forum
File name: html/includes/cmsinit.inc
Revision : 9.80 (8 years 4 months 1 weeks 6 days 11 hours 29 minutes 27 seconds ago) by djmaze
Changed : +51 -79 lines
Comment: Added the drafts of the long awaited Security system which i designed for MOO now into Dragonfly
It bans bad referers, bots and has flood protection
NOTE: this is only a draft so don't expect everything working as it should


# Author Rev Line
1 djmaze 1.1 <?php
2 djmaze 1.1 /*********************************************
3 djmaze 9.16 CPG Dragonfly™ CMS
4 djmaze 1.1 ********************************************
5 djmaze 9.16 Copyright © 2004 - 2005 by CPG-Nuke Dev Team
6 djmaze 9.58 http://dragonflycms.org
7 djmaze 1.1  
8 djmaze 9.16 Dragonfly is released under the terms and conditions
9 djmaze 8.10 of the GNU GPL version 2 or any later version
10 djmaze 1.1  
11 djmaze 9.17 $Source: /cvs/html/includes/cmsinit.inc,v $
12 djmaze 9.80 $Revision: 9.79 $
13 djmaze 9.68 $Author: djmaze $
14 djmaze 9.80 $Date: 2005/12/03 07:25:25 $
15 djmaze 9.16 **********************************************/
16 djmaze 9.64 # Disable DOS Attacks and any other strange behavior
17 akamu 9.66 if (((empty($_SERVER['HTTP_USER_AGENT']) || $_SERVER['HTTP_USER_AGENT'] == '-') && !defined('XMLFEED')) || defined('CORE_PATH')) { exit; }
18 akamu 9.66  
19 djmaze 9.78 #
20 djmaze 9.78 # Create constants
21 djmaze 9.78 #
22 djmaze 9.78  
23 djmaze 9.78 define('START_TIME', get_microtime());
24 djmaze 9.80 define('CPG_NUKE', '9.1.0.2');
25 akamu 9.66  
26 djmaze 9.78 # Store the path of our (shared) core files
27 djmaze 9.78 $root_path = dirname(__FILE__);
28 djmaze 9.78 if (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') { $root_path = str_replace('\\', '/', $root_path); }
29 djmaze 9.78 define('CORE_PATH', ((strlen($root_path) > 2) ? $root_path : './includes').'/');
30 djmaze 9.78 if (!defined('BASEDIR')) { define('BASEDIR', dirname(CORE_PATH).'/'); }
31 djmaze 9.78 if (!file_exists(CORE_PATH.'config.php')) { cpg_error('You must install Dragonfly first before you can use it'); }
32 djmaze 9.78  
33 djmaze 9.78 $phpver = explode('.', phpversion());
34 djmaze 9.78 $phpver = "$phpver[0]$phpver[1]";
35 djmaze 9.78 define('PHPVERS', $phpver);
36 djmaze 9.78  
37 djmaze 9.78 define('GZIPSUPPORT', extension_loaded('zlib'));
38 djmaze 1.22  
39 djmaze 9.64 # Are we allowed to modify php.ini on the fly ?
40 djmaze 8.35 define('CAN_MOD_INI', !ereg('ini_set', ini_get('disable_functions')));
41 djmaze 8.35  
42 djmaze 9.64 # http://bugs.php.net/bug.php?id=31849
43 djmaze 9.78 define('_DRAGONLY_OWNER', (strtoupper(substr(PHP_OS, 0, 3)) == 'WIN') ? 'N/A' : get_current_user());
44 djmaze 9.78  
45 djmaze 9.78 unset($root_path, $phpver);
46 djmaze 9.78  
47 djmaze 9.78 #
48 djmaze 9.78 # Set default settings
49 djmaze 9.78 #
50 djmaze 9.78  
51 djmaze 9.78 set_magic_quotes_runtime(0); # Disable magic_quotes_runtime
52 djmaze 9.78 umask(0);
53 djmaze 9.78  
54 djmaze 9.78 if (CAN_MOD_INI) {
55 djmaze 9.78 ini_set('magic_quotes_sybase', 0);
56 djmaze 9.78 // ini_set('include_path', ini_get('include_path').';'.CORE_PATH);
57 djmaze 9.79 ini_set('zlib.output_compression', 0);
58 djmaze 8.15 }
59 djmaze 9.78  
60 djmaze 9.64 # Compress output if server/php config allows
61 djmaze 9.80 if (ini_get('output_buffering')) {
62 djmaze 9.80 ob_end_clean();
63 djmaze 9.80 header('Content-Encoding: none');
64 djmaze 9.80 }
65 djmaze 9.80 if (!defined('INSTALL')) {
66 djmaze 9.80 if (GZIPSUPPORT && !ini_get('zlib.output_compression') && isset($_SERVER['HTTP_ACCEPT_ENCODING']) && eregi('gzip', $_SERVER['HTTP_ACCEPT_ENCODING'])) {
67 djmaze 9.64 if (PHPVERS >= 43) { # PHP 4.2.x seems to give memleak
68 djmaze 9.16 ob_start('ob_gzhandler');
69 djmaze 9.16 } else {
70 djmaze 9.80 define('GZIP_COMPRESS', true);
71 djmaze 9.16 ob_start();
72 djmaze 9.16 ob_implicit_flush(0);
73 djmaze 9.16 header('Content-Encoding: gzip');
74 djmaze 9.16 }
75 djmaze 9.16 } else {
76 djmaze 9.64 # Some stupid firewalls don't send the HTTP_ACCEPT_ENCODING
77 djmaze 9.64 # So we still compress in memory for fast page generations
78 djmaze 9.64 # But it will take longer for the visitor to see the page.
79 djmaze 9.16 ob_start();
80 djmaze 9.16 ob_implicit_flush(0);
81 djmaze 9.16 }
82 djmaze 1.1 }
83 djmaze 9.80 if (!defined('GZIP_COMPRESS')) { define('GZIP_COMPRESS', false); }
84 djmaze 1.1  
85 djmaze 9.80 #
86 djmaze 9.80 # Check input variables
87 djmaze 9.80 #
88 djmaze 9.80  
89 djmaze 9.80 # Destroy GET/POST/Cookie variables from the global scope since IIS can't
90 djmaze 9.80 # turn off register_globals as Apache can thru .ht*
91 djmaze 9.80 if (intval(ini_get('register_globals')) != 0) {
92 djmaze 9.80 foreach ($_REQUEST AS $key => $val) { if (isset($$key)) unset($$key); }
93 djmaze 9.80 }
94 djmaze 9.80 if (get_magic_quotes_gpc() || ini_get('magic_quotes_sybase')) {
95 djmaze 9.80 if (is_array($_GET)) { array_walk($_GET, 'StripGPCSlashes'); }
96 djmaze 9.80 if (is_array($_POST)) { array_walk($_POST, 'StripGPCSlashes'); }
97 djmaze 9.80 if (is_array($_COOKIE)) { array_walk($_COOKIE, 'StripGPCSlashes'); }
98 djmaze 9.80 }
99 djmaze 9.80  
100 djmaze 9.80 require_once(CORE_PATH.'classes/cpg_debugger.php'); # we define our own error handler
101 djmaze 9.80 require_once(CORE_PATH.'config.php');
102 djmaze 9.54 require_once(CORE_PATH.'db/db.php');
103 djmaze 9.54 require_once(CORE_PATH.'classes/cpg_cache.php');
104 djmaze 9.54 require_once(CORE_PATH.'classes/time.php');
105 djmaze 9.54 require_once(CORE_PATH.'functions/linking.php');
106 djmaze 9.16 if (!defined('XMLFEED') && !defined('INSTALL')) {
107 djmaze 9.54 require_once(CORE_PATH.'functions/display.php');
108 djmaze 9.54 require_once(CORE_PATH.'classes/cpg_member.php');
109 djmaze 9.76 require_once(CORE_PATH.'classes/multibyte.php');
110 djmaze 9.54 require_once(CORE_PATH.'classes/session.php');
111 djmaze 9.54 require_once(CORE_PATH.'classes/template.php');
112 djmaze 9.16 }
113 djmaze 9.9 header('X-Powered-By: Dragonfly CMS using PHP engine');
114 djmaze 1.1 if (defined('INSTALL')) return;
115 djmaze 1.1  
116 djmaze 8.30 if (!Cache::array_load('MAIN_CFG')) {
117 djmaze 9.16 $result = $db->sql_query('SELECT * FROM '.$prefix.'_config_custom', true);
118 djmaze 9.16 if (!$result) { url_redirect('install.php'); }
119 djmaze 9.16 while ($row = $db->sql_fetchrow($result)) {
120 djmaze 9.16 $MAIN_CFG[$row['cfg_name']][$row['cfg_field']] = $row['cfg_value'];
121 djmaze 9.16 }
122 djmaze 9.16 Cache::array_save('MAIN_CFG');
123 djmaze 9.16 $db->sql_freeresult($result);
124 djmaze 1.4 }
125 djmaze 9.50 if (version_compare($MAIN_CFG['global']['Version_Num'], CPG_NUKE, '<')) {
126 trevor 9.60 cpg_error('<strong>We are currently upgrading our website.<br />Please be patient; we should be back shortly.</strong>', 'Maintenance');
127 djmaze 9.50 }
128 djmaze 8.35 $cpgdebugger->error_level = $MAIN_CFG['debug']['error_level'];
129 akamu 9.37 if (CAN_MOD_INI) ini_set('sendmail_from', $MAIN_CFG['global']['adminmail']);
130 djmaze 9.45 if (CPG_DEBUG) { trigger_error('sendmail_from: '.ini_get('sendmail_from'),E_USER_NOTICE); }
131 djmaze 9.69 if (eregi('^(localhost|127.0.0.1|192.168|10.|172.(1[6-9]|2[0-9]|3[0-1]).)', $_SERVER['HTTP_HOST'])) $MAIN_CFG['cookie']['domain'] = NULL;
132 djmaze 8.23 else if ($MAIN_CFG['cookie']['server']) {
133 djmaze 9.77 $MAIN_CFG['cookie']['domain'] = $MAIN_CFG['server']['domain'] = str_replace('www.', '', $_SERVER['SERVER_NAME']);
134 djmaze 8.23 }
135 djmaze 9.52 $MAIN_CFG['global']['nukeurl'] = 'http://'.$MAIN_CFG['server']['domain'].substr($MAIN_CFG['server']['path'], 0, -1);
136 djmaze 9.77 $MAIN_CFG['server']['domain'] = preg_replace('#[a-z]+://#i', '', $MAIN_CFG['server']['domain']);
137 djmaze 1.48  
138 djmaze 9.52 if (!extension_loaded('gd')) { $MAIN_CFG['global']['sec_code'] = 0; }
139 djmaze 9.52 if ($MAIN_CFG['global']['admingraphic'] < 1) $MAIN_CFG['global']['admingraphic'] = 3;
140 djmaze 1.49 if (empty($MAIN_CFG['cookie']['member'])) $MAIN_CFG['cookie']['member'] = 'member';
141 djmaze 1.49 if (empty($MAIN_CFG['cookie']['admin'])) $MAIN_CFG['cookie']['admin'] = 'admin';
142 djmaze 1.52 $BASEHREF = ($_SERVER['SERVER_PORT'] != 443 ? 'http' : 'https') . '://';
143 djmaze 1.52 $BASEHREF .= (isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : $MAIN_CFG['server']['domain']);
144 djmaze 1.52 $BASEHREF .= $MAIN_CFG['server']['path'];
145 djmaze 8.37 extract($MAIN_CFG['global'], ((PHPVERS >= 43) ? EXTR_OVERWRITE | EXTR_REFS : EXTR_OVERWRITE));
146 djmaze 1.1  
147 djmaze 9.64 if (defined('XMLFEED')) return; # no need to load everything if it's a feed
148 djmaze 1.1  
149 djmaze 9.21 /******************************************************************************
150 djmaze 9.21 Set default metatags
151 djmaze 9.21 *******************************************************************************/
152 djmaze 9.21 $METATAGS['description'] = $slogan;
153 djmaze 9.21 $METATAGS['keywords'] = '';
154 djmaze 9.21 $METATAGS['resource-type'] = 'document';
155 djmaze 9.21 $METATAGS['distribution'] = 'global';
156 djmaze 9.21 $METATAGS['author'] = $sitename;
157 djmaze 9.21 $METATAGS['copyright'] = 'Copyright (c) '.date('Y').' by '.$sitename;
158 djmaze 9.21 $METATAGS['robots'] = 'index, follow';
159 djmaze 9.21 $METATAGS['rating'] = 'general';
160 djmaze 9.58 $METATAGS['generator'] = 'CPG Dragonfly CMS: Copyright (c) 2003-'.date('Y').' by CPG-Nuke Development Team, http://dragonflycms.org';
161 djmaze 9.21 //$METATAGS['revisit-after'] = '1 days';
162 djmaze 9.21 $METATAGS['MSSmartTagsPreventParsing'] = 'true';
163 djmaze 9.21  
164 djmaze 9.21 /******************************************************************************
165 djmaze 9.21 Start the session
166 djmaze 9.21 *******************************************************************************/
167 djmaze 9.80 $CPG_SESS = array();
168 djmaze 1.6 $SESS =& new cpg_session();
169 djmaze 9.21  
170 djmaze 9.80 require_once(CORE_PATH.'classes/security.php');
171 djmaze 9.80 Security::init();
172 djmaze 9.80  
173 djmaze 9.16 /******************************************************************************
174 djmaze 9.21 Load member/visitor details and ban him if he is listed in the banlist
175 djmaze 9.21 *******************************************************************************/
176 djmaze 1.18 $CLASS['member'] =& new cpg_member();
177 djmaze 9.44 $userinfo =& $_SESSION['CPG_USER'];
178 djmaze 9.80  
179 djmaze 9.80 # Do second security check with session/member related settings
180 djmaze 9.80 if (!is_admin()) Security::check();
181 djmaze 9.21  
182 djmaze 9.21 /******************************************************************************
183 djmaze 9.22 Are we requesting the security code ?
184 djmaze 9.21 *******************************************************************************/
185 djmaze 9.22 if (isset($_GET['name']) && ($_GET['name'] == 'gfx' || (isset($_GET['op']) && $_GET['name'] == 'Your_Account' && $_GET['op'] == 'gfx'))) {
186 djmaze 9.22 require(BASEDIR.'includes/gfxchk.php');
187 djmaze 1.1 }
188 djmaze 9.21  
189 djmaze 9.21 /******************************************************************************
190 djmaze 9.72 Check if the <form> POST is comming from this server
191 djmaze 9.72 *******************************************************************************/
192 djmaze 9.72 if (!is_user() && $_SERVER['REQUEST_METHOD'] == 'POST' && empty($CPG_SESS['user']['uri'])) {
193 djmaze 9.72 if (PHPVERS >= 43) {
194 djmaze 9.72 trigger_error('<pre>'.print_r($CPG_SESS, true).'</pre>', E_USER_WARNING);
195 djmaze 9.72 }
196 djmaze 9.72 cpg_error('Please enable cookies to post on this site. If you feel that you have reached this message in error please go back to the preceding page and post again');
197 djmaze 9.72 }
198 djmaze 9.72  
199 djmaze 9.72 /******************************************************************************
200 djmaze 9.22 Load the administrator and if no admin turn of error reports
201 djmaze 9.21 *******************************************************************************/
202 djmaze 9.22 if (!$CLASS['member']->loadadmin()) {
203 djmaze 9.22 error_reporting(0);
204 djmaze 9.21 }
205 djmaze 9.21  
206 djmaze 9.21 /******************************************************************************
207 djmaze 9.21 Check if maintenance is turned on
208 djmaze 9.21 *******************************************************************************/
209 trevor 1.50 if ($MAIN_CFG['global']['maintenance'] && !is_admin() && !defined('ADMIN_PAGES') && !defined('INSTALL')) {
210 djmaze 9.16 cpg_error('<strong>'.$MAIN_CFG['global']['maintenance_text'].'</strong>', 'Maintenance');
211 djmaze 1.1 }
212 djmaze 9.21  
213 djmaze 9.16 /******************************************************************************
214 djmaze 9.80 Load the theme template system
215 djmaze 9.16 *******************************************************************************/
216 djmaze 9.22 $ThemeSel = get_theme();
217 djmaze 9.64 # Load template handler
218 djmaze 1.7 $cpgtpl =& new cpg_template();
219 djmaze 9.70 $template =& $cpgtpl;
220 djmaze 9.80 $showblocks = 1;
221 djmaze 9.80 $pagetitle = $modheader = '';
222 djmaze 1.7  
223 djmaze 9.22 $SESS->init_info();
224 djmaze 9.22  
225 djmaze 9.22 /******************************************************************************
226 djmaze 9.22 Include language to detect languages from browser setting and user preferences
227 djmaze 9.22 Join the nuke language initiative (NLI) http://cpgnuke.com
228 djmaze 9.22 *******************************************************************************/
229 djmaze 9.54 require_once(CORE_PATH.'functions/language.php');
230 djmaze 9.22  
231 djmaze 9.72 header('Content-Type: text/html; charset=utf-8');
232 djmaze 8.17 header('Content-language: '._LANGCODE);
233 djmaze 9.64 # standard privacy header change to yours
234 djmaze 1.7 header('P3P: CP="CAO DSP COR CURa ADMa DEVa OUR IND PHY ONL UNI COM NAV INT DEM PRE"');
235 djmaze 1.7 //header("P3P: CP=\"ALL DSP COR NID CURa OUR STP PUR\"");
236 djmaze 9.64 # Notify server time
237 djmaze 9.72 header('Date: '.date('D, d M Y H:i:s', gmtime()).' GMT');
238 djmaze 9.72 header('Last-Modified: '.date('D, d M Y H:i:s', gmtime()).' GMT');
239 djmaze 9.72 header('Expires: 0');
240 djmaze 9.72 //header('Expires: '.date('D, d M Y H:i:s \G\M\T', gmtime() + 10800));
241 djmaze 8.28 define('USERS', 'YToxOntzOjQ6Im51a2UiO3M6MzE5OiIkY29wcGVybWluZT0iVGhpcyB3ZWJzaXRlIGVuZ2luZSBDb3B5cmlnaHQgJmNvcHk7IDIwMDMgLSAiLmRhdGUoJ1knKS4iIGJ5IENQRy1OdWtlIERldiBUZWFtPGJyIC8+RnJlZSBTb2Z0d2FyZSByZWxlYXNlZCB1bmRlciB0aGUgPGEgaHJlZj1cImh0dHA6L'
242 djmaze 8.28 .'y93d3cuZHJhZ29uZmx5Y21zLmNvbS9HTlVHUEwuaHRtbFwiIHRhcmdldD1cIl9ibGFua1wiPkdOVSBHUEw8L2E+OyBlaXRoZXIgdmVyc2lvbiAyIG9mIHRoZSBMaWNlbnNlLCBvciAoYXQgeW91ciBvcHRpb24pIGFueSBsYXRlciB2ZXJzaW9uLiBObyB3YXJyYW50eSBpcyBnaXZlbiBvciBpbXBsaWVkLiI7Ijt9', true);
243 djmaze 1.3  
244 djmaze 8.8 function get_microtime() {
245 djmaze 9.16 list($usec, $sec) = explode(' ', microtime());
246 djmaze 9.16 return ($usec + $sec);
247 djmaze 8.8 }
248 djmaze 8.8  
249 djmaze 9.64 # Function which removes \015\012 which causes linebreaks in SMTP email
250 djmaze 1.1 function removecrlf($str) {
251 djmaze 9.16 return strtr($str, "\015\012", ' ');
252 djmaze 1.1 }
253 djmaze 9.16 /******************************************************************************
254 djmaze 1.1  
255 djmaze 9.16 Sends a email thru PHP or SMTP using plain text or html formatted
256 djmaze 9.16 bool send_mail(
257 djmaze 9.16 &$mailer_message: returns info about the send mail or the error message
258 djmaze 9.16 $message : the message that you want to send
259 djmaze 9.16 $html : send message as html or text 1 = html, 0 = text(default)
260 djmaze 9.16 $subject : the subject of the message, default = _FEEDBACK
261 djmaze 9.16 $to : emailaddress of person to send to, default = admin mailaddress
262 djmaze 9.16 $to_name : name of person to send to, default = sitename
263 djmaze 9.16 $from : emailaddress of person who sends the message, default = admin mailaddress
264 djmaze 9.16 $from_name: name of person who sends the message, default = sitename
265 djmaze 9.42 $custom_headers: array of custom mail headers
266 djmaze 9.16 )
267 djmaze 1.1  
268 djmaze 9.16 *******************************************************************************/
269 djmaze 9.42 function send_mail(&$mailer_message, $message, $html=0, $subject='', $to='', $to_name='', $from='', $from_name='', $custom_headers=false) {
270 djmaze 9.16 global $MAIN_CFG, $module_name, $PHPMAILER_LANG, $CLASS;
271 alexm 1.14  
272 djmaze 9.16 if ($module_name != 'Contact' && function_exists('get_lang')) { get_lang('Contact'); }
273 djmaze 9.43 if (empty($to)) $to = $MAIN_CFG['global']['adminmail'];
274 djmaze 9.16 if ($from == '') $from = $MAIN_CFG['global']['adminmail'];
275 djmaze 9.16 if (isset($CLASS['member']) && $CLASS['member']->demo && $to != $MAIN_CFG['global']['adminmail']) {
276 djmaze 9.16 $mailer_message = 'The mail system has been disabled in the administration demo';
277 djmaze 9.16 return false;
278 djmaze 9.16 }
279 djmaze 9.16 if (is_email($from) < 1) {
280 djmaze 9.16 $mailer_message = $PHPMAILER_LANG['from_failed'].$from;
281 djmaze 9.16 return false;
282 djmaze 9.16 }
283 djmaze 9.16 if (!function_exists('get_lang')) {
284 djmaze 9.16 global $PHPMAILER_LANG;
285 djmaze 9.16 include_once(BASEDIR.'language/english/main.php');
286 djmaze 9.16 }
287 djmaze 9.54 require_once(CORE_PATH.'classes/phpmailer.php');
288 djmaze 9.16 $CLASS['mail']->ClearAll();
289 djmaze 9.16 $CLASS['mail']->SetLanguage();
290 djmaze 9.16 if ($MAIN_CFG['email']['smtp_on']) {
291 djmaze 9.64 $CLASS['mail']->IsSMTP(); # set mailer to use SMTP
292 djmaze 9.16 $CLASS['mail']->Host = $MAIN_CFG['email']['smtphost'];
293 djmaze 9.16 if ($MAIN_CFG['email']['smtp_auth']) {
294 djmaze 9.64 $CLASS['mail']->SMTPAuth = true; # turn on SMTP authentication
295 djmaze 9.64 $CLASS['mail']->Username = $MAIN_CFG['email']['smtp_uname']; # SMTP username
296 djmaze 9.64 $CLASS['mail']->Password = $MAIN_CFG['email']['smtp_pass']; # SMTP password
297 djmaze 9.16 }
298 djmaze 9.16 } else {
299 djmaze 9.16 $CLASS['mail']->IsMail();
300 djmaze 9.16 }
301 djmaze 9.16 $CLASS['mail']->From = removecrlf($from);
302 djmaze 9.16 $CLASS['mail']->FromName = ($from_name!='') ? removecrlf($from_name) : $MAIN_CFG['global']['sitename'];
303 djmaze 9.16 if (is_array($to)) {
304 djmaze 9.16 foreach ($to as $to_email => $to_name) {
305 djmaze 9.16 if (is_email($to_email) < 1) {
306 djmaze 9.16 $mailer_message = $PHPMAILER_LANG['recipients_failed'].$to;
307 djmaze 9.16 return false;
308 djmaze 9.16 }
309 djmaze 9.16 $CLASS['mail']->AddBCC(removecrlf($to_email), removecrlf($to_name));
310 djmaze 9.16 }
311 djmaze 9.16 } elseif (is_email($to) < 1) {
312 djmaze 9.16 $mailer_message = $PHPMAILER_LANG['recipients_failed'].$to;
313 djmaze 9.16 return false;
314 djmaze 9.16 } elseif ($to_name != '') {
315 djmaze 9.16 $CLASS['mail']->AddAddress(removecrlf($to), removecrlf($to_name));
316 djmaze 9.16 } else {
317 djmaze 9.16 $CLASS['mail']->AddAddress(removecrlf($to));
318 djmaze 9.16 }
319 djmaze 9.42  
320 djmaze 9.42 if (is_array($custom_headers) && count($custom_headers)) {
321 djmaze 9.42 foreach ($custom_headers as $header) {
322 djmaze 9.42 $CLASS['mail']->AddCustomHeader($header);
323 djmaze 9.42 }
324 djmaze 9.42 }
325 djmaze 9.42  
326 djmaze 9.16 $CLASS['mail']->Priority = 3;
327 djmaze 9.16 $CLASS['mail']->Encoding = '8bit';
328 djmaze 9.16 $CLASS['mail']->CharSet = _CHARSET;
329 djmaze 9.16 $CLASS['mail']->Subject = ($subject!='') ? removecrlf($subject) : _FEEDBACK;
330 djmaze 9.16 if ($html && ($MAIN_CFG['email']['allow_html_email'] || is_admin())) {
331 djmaze 9.16 if (function_exists('get_lang')) {
332 djmaze 9.16 require_once(BASEDIR.'includes/nbbcode.php');
333 djmaze 9.16 $message = decode_bbcode($message, 0, true);
334 djmaze 9.16 }
335 djmaze 9.16 $CLASS['mail']->IsHTML(true);
336 djmaze 9.16 $CLASS['mail']->AltBody = strip_tags($message);
337 djmaze 9.16 $CLASS['mail']->Body = $message;
338 djmaze 9.16 } else {
339 djmaze 9.16 $CLASS['mail']->IsHTML(false);
340 djmaze 9.16 $CLASS['mail']->Body = strip_tags($message);
341 djmaze 9.16 }
342 djmaze 9.16 $mailer_message = '';
343 djmaze 9.16 if (!$CLASS['mail']->Send()) {
344 djmaze 9.16 $mailer_message .= 'Message could not be sent.<p>';
345 djmaze 9.16 $mailer_message .= 'Mailer Error: ' . $CLASS['mail']->ErrorInfo;
346 djmaze 9.16 return false;
347 djmaze 9.16 } else {
348 djmaze 9.16 $mailer_message .= '<p align="center">'._SUCCESS_MESSAGE_SENT.'<br />';
349 djmaze 9.16 $mailer_message .= "<code>$message</code><br />";
350 djmaze 9.16 $mailer_message .= '<p align="center">'._MAHALO.'</center></p>';
351 djmaze 9.16 return true;
352 djmaze 9.16 }
353 djmaze 9.16 //return $mailer_message;
354 djmaze 1.1 }
355 djmaze 1.1  
356 djmaze 9.16 /******************************************************************************
357 djmaze 1.1 Returns if the emailaddress is valid or not
358 djmaze 9.16 *******************************************************************************/
359 djmaze 1.1 function is_email(&$email) {
360 djmaze 9.16 global $DeniedEmailDomains;
361 djmaze 9.48 static $domains;
362 djmaze 9.16 if (strlen($email) < 5) return 0;
363 djmaze 9.16 $email = strtolower($email);
364 djmaze 9.73 # Although RFC 1035 doesn't allow 1 char subdomains we allow it due to
365 djmaze 9.73 # bug report 641
366 djmaze 9.16 if (!ereg('^[_\.\+0-9a-z-]+@[0-9a-z-]{2,63}\.+[a-z]{2,6}$',$email) &&
367 djmaze 9.73 !ereg('^[_\.\+0-9a-z-]+@[_0-9a-z\-]{1,25}\.+[_0-9a-z\-]{2,63}\.+[a-z]{2,6}$',$email) &&
368 djmaze 9.73 !ereg('^[_\.\+0-9a-z-]+@[_0-9a-z\-]{1,25}\.+[_0-9a-z\-]{2,63}\.+[a-z]{2,6}\.+[a-z]{2,6}$',$email)) {
369 djmaze 9.16 // "#\[email\]([a-z0-9&\-_.]+?@[\w\-]+\.([\w\-\.]+\.)?[\w]+)\[/email\]#si"
370 djmaze 9.16 return -1;
371 djmaze 9.16 }
372 djmaze 9.49 if (empty($domains)) {
373 djmaze 9.48 $DeniedEmailDomains[] = 'mydomain.com';
374 djmaze 9.48 $domains = implode('|', $DeniedEmailDomains);
375 djmaze 9.48 }
376 djmaze 9.16 $email = explode('@', $email);
377 djmaze 9.48 if (eregi("($domains)", $email[1])) { return -2; }
378 djmaze 9.16 $email = implode('@', $email);
379 djmaze 9.16 return 1;
380 djmaze 1.1 }
381 djmaze 1.1  
382 djmaze 9.16 /******************************************************************************
383 djmaze 1.1 Returns admin name if the user is an administrator, otherwise false
384 djmaze 9.16 *******************************************************************************/
385 djmaze 1.1 function is_admin() {
386 djmaze 9.16 global $CLASS;
387 djmaze 9.16 return (isset($CLASS['member']) && is_object($CLASS['member'])) ? $CLASS['member']->admin_id : false;
388 djmaze 1.1 }
389 djmaze 8.5 function can_admin($module='super') {
390 djmaze 9.16 global $CLASS;
391 djmaze 9.16 $module = strtolower($module);
392 djmaze 9.16 $adminfo =& $CLASS['member']->admin;
393 djmaze 9.16 return (is_array($adminfo) && isset($adminfo['radmin'.$module]) && ($adminfo['radminsuper'] || $adminfo['radmin'.$module])) ? true : false;
394 djmaze 1.1 }
395 djmaze 9.16 /******************************************************************************
396 djmaze 1.1 Returns member ID if the user is an registered member, otherwise false
397 djmaze 9.16 *******************************************************************************/
398 djmaze 1.1 function is_user() {
399 djmaze 9.16 global $CLASS;
400 djmaze 9.16 return ($CLASS['member']->user_id > 1) ? $CLASS['member']->user_id : false;
401 djmaze 1.1 }
402 djmaze 9.16 /******************************************************************************
403 djmaze 1.36 Returns groupname if visitor is in the group, otherwise false
404 djmaze 9.16 *******************************************************************************/
405 djmaze 1.36 function in_group($id) {
406 djmaze 9.16 global $userinfo;
407 djmaze 9.16 if (isset($userinfo['_mem_of_groups'][$id])) {
408 djmaze 9.16 return $userinfo['_mem_of_groups'][$id];
409 djmaze 9.16 } else {
410 djmaze 9.16 return false;
411 djmaze 9.16 }
412 djmaze 1.1 }
413 djmaze 9.16 /******************************************************************************
414 djmaze 1.1 See includes/classes/cpg_member -> getmemdata() for details
415 djmaze 9.16 *******************************************************************************/
416 djmaze 1.1 function getusrdata($user, $data='*') {
417 djmaze 9.16 global $CLASS;
418 djmaze 9.16 return $CLASS['member']->getmemdata($user, $data);
419 djmaze 1.1 }
420 djmaze 1.1  
421 djmaze 1.1 function is_active($module) {
422 djmaze 9.16 global $prefix, $db, $active_modules;
423 djmaze 9.64 static $save; # Added by steven111
424 djmaze 9.16 if (is_array($save)) {
425 djmaze 9.16 if (isset($save[$module])) return ($save[$module]);
426 djmaze 9.16 return 0;
427 djmaze 9.16 }
428 djmaze 9.16 if (!Cache::array_load('active_modules')) {
429 djmaze 9.56 $result = $db->sql_query('SELECT title, version FROM '.$prefix.'_modules WHERE active=1');
430 djmaze 9.56 while ($row = $db->sql_fetchrow($result, SQL_NUM)) {
431 djmaze 9.56 $active_modules[$row[0]] = (intval($row[1]) > 0) ? $row[1] : 1;
432 djmaze 9.16 }
433 djmaze 9.16 $db->sql_freeresult($result);
434 djmaze 9.16 Cache::array_save('active_modules');
435 djmaze 9.16 }
436 djmaze 9.16 $save = $active_modules;
437 djmaze 9.16 if (isset($save[$module])) return ($save[$module]);
438 djmaze 9.16 return 0;
439 djmaze 1.1 }
440 djmaze 1.46  
441 djmaze 9.80 # Strip slashes from GET/POST/Cookie variables because we add them back later
442 djmaze 9.80 function StripGPCSlashes(&$value, $key) {
443 djmaze 9.80 if (is_array($value)) array_walk($value, 'StripGPCSlashes');
444 djmaze 9.80 else $value = stripslashes($value);
445 djmaze 9.80 $_REQUEST[$key] =& $value;
446 djmaze 9.80 }
447 djmaze 9.80  
448 djmaze 9.61 function strip_javascript($text, $events=true) {
449 djmaze 9.61 $patterns[] = '/<\s*script[^>]*?>.*?<\/\s*script\s*>/i';
450 djmaze 9.61 $patterns[] = '/href\s*=\s*\'\s*javascript.*\'/i';
451 djmaze 9.61 $patterns[] = '/href\s*=\s*"\s*javascript.*"/i';
452 djmaze 9.61 if ($events) {
453 djmaze 9.61 $events = 'blur|click|dblclick|focus|load|unload|select|change'
454 djmaze 9.61 .'|submit|abort|error|reset|dragdrop|keydown|keypress|keyup'
455 djmaze 9.61 .'|mouseout|mouseover|mousedown|mousemove|mouseup|move|resize';
456 djmaze 9.62 $patterns[] = '/on('.$events.')\s*=\s*\'.*?\'/i';
457 djmaze 9.62 $patterns[] = '/on('.$events.')\s*=\s*".*?"/i';
458 djmaze 9.61 }
459 djmaze 9.61 return preg_replace($patterns,'',$text);
460 djmaze 9.61 }
461 djmaze 9.61  
462 djmaze 1.46 function htmlprepare($str, $nl2br=false, $spchar=ENT_QUOTES, $nohtml=false) {
463 djmaze 9.64 if ($nohtml) { $str = strip_tags($str, $nohtml); } # $nohtml : <a><br><b><i><img><li><ol><p><strong><u><ul>
464 djmaze 9.64 $str = htmlspecialchars($str,$spchar,'UTF-8'); # htmlentities sucks cos it converts all chars
465 djmaze 9.16 if ($nl2br) { $str = nl2br($str); }
466 djmaze 9.16 return trim($str);
467 djmaze 1.46 }
468 djmaze 8.1 function htmlunprepare($str, $nl2br=false) {
469 djmaze 9.16 $unhtml_specialchars_match = array('#&gt;#', '#&lt;#', '#&quot;#', '#&\#039;#', '#&amp;#');
470 djmaze 9.16 $unhtml_specialchars_replace = array('>', '<', '"', '\'', '&');
471 djmaze 9.16 if ($nl2br) {
472 djmaze 9.16 $unhtml_specialchars_match[] = "#<br />\n#";
473 djmaze 9.16 $unhtml_specialchars_replace[] = "\n";
474 djmaze 9.16 }
475 djmaze 9.16 return preg_replace($unhtml_specialchars_match, $unhtml_specialchars_replace, $str);
476 djmaze 8.1 }
477 djmaze 1.47 function html2bb($text) {
478 djmaze 9.16 $text = ereg_replace('<', ' <', $text);
479 djmaze 9.16 $text = preg_replace('/<ol type="([a1])">/si', '/\[list=\\1\]', $text);
480 djmaze 9.16 $text = preg_replace('/<(b|u|i|hr)>/sie', "'['.strtolower(\\1).']'", $text);
481 djmaze 9.16 $text = preg_replace('/<\/(b|u|i|hr)>/sie', "'[/'.strtolower(\\1).']'", $text);
482 djmaze 9.16 $text = preg_replace('#<img(.*?)src="(.*?)\.(gif|png|jpg|jpeg)"(.*?)>#si', '[img]\\2.\\3[/img]', $text);
483 djmaze 9.16 $text = str_replace('<ul>', '[list]', $text);
484 djmaze 9.16 $text = str_replace('<li>', '[*]', $text);
485 djmaze 9.16 $text = str_replace('</ul>', '[/list:u]', $text);
486 djmaze 9.16 $text = str_replace('</ol>', '[/list:o]', $text);
487 djmaze 9.16 $text = strip_tags($text, '<br><p><strong>');
488 djmaze 9.16 return trim($text);
489 djmaze 9.16 }
490 djmaze 1.1  
491 djmaze 1.45 function Fix_Quotes($str, $nohtml=false, $spchar=false) {
492 djmaze 9.16 global $db;
493 djmaze 9.16 if ($nohtml) { $str = strip_tags($str); }
494 djmaze 9.16 if ($spchar) { $str = htmlspecialchars($str,ENT_NOQUOTES,'UTF-8'); }
495 djmaze 9.16 return $db->sql_escape_string(trim($str));
496 djmaze 1.1 }
497 djmaze 1.1  
498 djmaze 9.64 # Text Filtering
499 djmaze 1.1 function check_words(&$Message) {
500 djmaze 9.16 global $CensorList, $CensorReplace, $CensorMode;
501 djmaze 9.16 if ($CensorMode != 0) {
502 djmaze 9.16 if (is_array($CensorList)) {
503 djmaze 9.16 if ($CensorMode == 1) {
504 djmaze 9.16 for ($i = 0; $i < count($CensorList); $i++) {
505 djmaze 9.16 $Message = eregi_replace("$CensorList[$i]([^a-zA-Z0-9])","$CensorReplace\\1",$Message);
506 djmaze 9.16 }
507 djmaze 9.16 } elseif ($CensorMode == 2) {
508 djmaze 9.16 for ($i = 0; $i < count($CensorList); $i++) {
509 djmaze 9.16 $Message = eregi_replace("(^|[^[:alnum:]])$CensorList[$i]","\\1$CensorReplace",$Message);
510 djmaze 9.16 }
511 djmaze 9.16 } elseif ($CensorMode == 3) {
512 djmaze 9.16 for ($i = 0; $i < count($CensorList); $i++) {
513 djmaze 9.16 $Message = eregi_replace($CensorList[$i],$CensorReplace,$Message);
514 djmaze 9.16 }
515 djmaze 9.16 }
516 djmaze 9.16 }
517 djmaze 9.16 }
518 djmaze 9.16 return $Message;
519 djmaze 1.1 }
520 djmaze 1.1  
521 djmaze 9.64 # Deprecated Functions
522 djmaze 9.78 if (CPG_DEBUG) { include(CORE_PATH.'removed.php'); }
523 djmaze 1.1  
524 djmaze 9.64 # Time Formatting
525 djmaze 1.1 function gmtime() {
526 djmaze 9.16 static $time;
527 djmaze 9.16 if (!$time) { $time = (time() - date('Z')); }
528 djmaze 9.16 return $time;
529 djmaze 1.1 }
530 djmaze 1.1 function formatDateTime($time, $format) {
531 djmaze 9.16 global $userinfo;
532 djmaze 9.23 return L10NTime::strftime($format, $time, $userinfo['user_dst'], $userinfo['user_timezone']);
533 djmaze 1.1 }
534 djmaze 1.1  
535 djmaze 9.64 # IP Handling
536 djmaze 1.1 function encode_ip($dotquad_ip) {
537 djmaze 9.16 $ip_sep = explode('.', $dotquad_ip);
538 djmaze 9.16 return (count($ip_sep) == 4) ? sprintf('%02x%02x%02x%02x', $ip_sep[0], $ip_sep[1], $ip_sep[2], $ip_sep[3]) : '';
539 djmaze 1.1 }
540 djmaze 1.1 function decode_ip($int_ip) {
541 djmaze 9.16 $hexipbang = explode('.', chunk_split($int_ip, 2, '.'));
542 djmaze 9.16 return hexdec($hexipbang[0]). '.' . hexdec($hexipbang[1]) . '.' . hexdec($hexipbang[2]) . '.' . hexdec($hexipbang[3]);
543 djmaze 1.1 }
544 djmaze 1.1  
545 djmaze 9.64 # Caching
546 djmaze 8.22 function cache_save_array($name, $module_name='config', $array=false) {
547 djmaze 9.16 Cache::array_save($name, $module_name, $array);
548 djmaze 1.1 }
549 djmaze 8.22 function cache_load_array($name, $module_name='config', $global=true) {
550 djmaze 9.16 return Cache::array_load($name, $module_name, $global);
551 djmaze 1.1 }
552 djmaze 8.12 function cache_delete_array($name, $module_name='config') {
553 djmaze 9.16 Cache::array_delete($name, $module_name);
554 djmaze 1.51 }
555 djmaze 8.23 function file_write($filename, &$content, $mode='wb') {
556 djmaze 9.16 if (!$fp = fopen($filename, $mode)) {
557 djmaze 9.16 trigger_error("Cannot open file ($filename)", E_USER_WARNING);
558 djmaze 9.16 return false;
559 djmaze 9.16 }
560 djmaze 9.16 flock($fp, LOCK_EX);
561 djmaze 9.80 $bytes_written = fwrite($fp, $content);
562 djmaze 9.16 flock($fp, LOCK_UN);
563 djmaze 9.80 fclose($fp);
564 djmaze 9.80 if ($bytes_written === FALSE) {
565 djmaze 9.80 trigger_error("Couldn't write to file ($filename)", E_USER_WARNING);
566 djmaze 9.16 return false;
567 djmaze 9.16 }
568 djmaze 9.16 if (!defined('PHP_AS_NOBODY')) { define_nobody($filename); }
569 djmaze 9.16 chmod($filename, (PHP_AS_NOBODY ? 0666 : 0644));
570 djmaze 9.16 return true;
571 djmaze 8.23 }
572 djmaze 9.8  
573 djmaze 9.8 function define_nobody($file) {
574 djmaze 9.16 if (!defined('PHP_AS_NOBODY')) {
575 djmaze 9.16 define('PHP_AS_NOBODY', (getmyuid() != fileowner($file) || _DRAGONLY_OWNER == 'nobody'));
576 djmaze 9.16 }
577 djmaze 9.8 }
578 djmaze 9.78  
579 djmaze 9.78 # stops the page creation and shows an error page
580 djmaze 9.78 function cpg_error($message, $title='ERROR', $redirect=false) {
581 djmaze 9.78 global $userinfo, $cpgtpl, $SESS, $MAIN_CFG;
582 djmaze 9.78 if ($redirect) { url_refresh($redirect); }
583 djmaze 9.78 if ($title == 301) {
584 djmaze 9.78 $title = 'Moved';
585 djmaze 9.78 header('HTTP/1.0 301 Moved Permanently');
586 djmaze 9.78 } elseif ($title == 401) {
587 djmaze 9.78 $title = (defined('_ACCESSDENIED') ? _ACCESSDENIED : 'Access Denied');
588 djmaze 9.78 header('HTTP/1.0 401 Unauthorized');
589 djmaze 9.78 } elseif ($title == 404) {
590 djmaze 9.78 $title = 'Not found';
591 djmaze 9.78 header('HTTP/1.0 404 Not Found');
592 djmaze 9.78 }
593 djmaze 9.78 if (is_object($cpgtpl)) {
594 djmaze 9.80 global $pagetitle, $showblocks, $home, $modheader, $mainindex, $CPG_SESS;
595 djmaze 9.78 $home = $showblocks = 0;
596 djmaze 9.78 $pagetitle = $title;
597 djmaze 9.78 $modheader .= '<meta name="robots" content="noindex,follow" />
598 djmaze 9.78 <meta name="robots" content="noarchive" />';
599 djmaze 9.78 if (!defined('HEADER_OPEN')) { require_once(BASEDIR.'header.php'); }
600 djmaze 9.78 OpenTable();
601 djmaze 9.78 echo '<center>'.$message.'<br /><br />';
602 djmaze 9.78 $link = ($redirect) ? '<a href="'.$redirect.'">'._GO.'</a>' : '[ <a href="'.$mainindex.'">'._HOME.'</a> ] '._GOBACK.'</center>';
603 djmaze 9.78 echo $link;
604 djmaze 9.78 CloseTable();
605 djmaze 9.80 if (is_admin() && $MAIN_CFG['debug']['session'] && !empty($CPG_SESS)) {
606 djmaze 9.78 OpenTable();
607 djmaze 9.78 echo '<pre>'.print_r($CPG_SESS, true).'</pre>';
608 djmaze 9.78 CloseTable();
609 djmaze 9.78 }
610 djmaze 9.78 require_once(BASEDIR.'footer.php');
611 djmaze 9.78 } else {
612 djmaze 9.78 require_once(BASEDIR.'includes/cpg_page.php');
613 djmaze 9.78 $errorpage = cpg_header($title);
614 djmaze 9.78 $errorpage .= "<center>$message</center>";
615 djmaze 9.78 $errorpage .= cpg_footer();
616 djmaze 9.78 if (isset($SESS)) $SESS->write_close();
617 djmaze 9.78 die($errorpage);
618 djmaze 9.78 }
619 djmaze 9.78 }


Code Credits - Privacy Policy